Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LrQ1lxS4_AfEqIL3OFASFJ19Vf8.roa
File: LrQ1lxS4_AfEqIL3OFASFJ19Vf8.roa (raw, json)
Hash identifier: tCEJzNNhDgaTBuWLVmyl6iFc/LQPKQ7t2gTCUFXBLLY=
Subject key identifier: 2E:B4:35:97:14:B8:FC:07:C4:A8:82:F7:38:50:12:14:9D:7D:55:FF
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01839DD4BD9318D8AEDAEB6D3F8921D1A5A4
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LrQ1lxS4_AfEqIL3OFASFJ19Vf8.roa
Signing time: Mon 03 Oct 2022 12:31:48 +0000
ROA not before: Mon 03 Oct 2022 12:31:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 159.148.224.0/23 maxlen: 23
85.254.42.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:d4:bd:93:18:d8:ae:da:eb:6d:3f:89:21:d1:a5:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 3 12:31:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2eb4359714b8fc07c4a882f7385012149d7d55ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b6:87:f1:8b:03:32:f0:66:2d:c7:bb:81:ee:
40:74:bb:fe:dc:d2:af:eb:d8:3c:db:c6:ba:5b:51:
17:b2:c0:47:fd:1b:81:2f:e8:98:42:5b:14:4a:60:
fe:12:48:1a:50:f7:99:af:43:c0:99:e1:8d:51:6b:
87:d0:76:bf:8f:5b:33:cf:e7:d2:0a:2b:a3:b3:93:
42:91:13:bd:5d:a0:e5:eb:8e:6e:47:d1:69:46:99:
75:d8:c1:8c:58:c5:5f:8c:12:f8:24:67:20:7f:a2:
30:5f:47:7e:65:ba:eb:53:92:64:dd:2b:a1:f9:07:
21:7d:77:b4:bd:f9:2e:a4:f3:13:ae:35:1f:9a:b0:
b1:2c:45:1c:1e:bb:74:b0:7b:51:23:e6:97:9f:8c:
17:ec:7d:57:f0:67:ab:bf:92:5e:23:27:b4:b3:1a:
54:a8:81:13:3e:f9:47:8f:23:be:94:d4:46:3c:9e:
a4:03:4a:26:f8:27:a5:ad:ec:c4:24:81:65:05:bb:
1d:9b:d8:18:e7:0c:bd:6a:9b:bd:10:bc:53:45:75:
a8:71:7f:9d:f3:18:df:02:c6:f5:56:6e:84:a5:6a:
48:b7:13:2e:04:e4:ab:61:60:89:d4:9d:2a:da:05:
d2:7c:a5:e8:58:36:ac:0d:f9:76:1a:fd:dc:6b:ac:
e2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B4:35:97:14:B8:FC:07:C4:A8:82:F7:38:50:12:14:9D:7D:55:FF
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LrQ1lxS4_AfEqIL3OFASFJ19Vf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
85.254.42.0/23
85.254.64.0/23
159.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
70:14:4f:92:c0:4f:95:b5:cd:3e:36:bc:87:ef:e7:26:36:7d:
d7:fc:01:8c:3c:4c:63:2b:57:db:45:55:e8:25:cf:f9:7c:5e:
35:0c:bd:48:95:f9:f4:3a:89:4a:b2:af:4f:46:8c:f1:a7:e6:
83:16:26:b5:32:9e:70:66:25:3c:7f:d6:94:fe:99:95:3e:24:
f2:3a:99:d6:d2:4a:ca:21:d8:41:7a:21:74:b6:d6:cc:06:1a:
89:32:6d:66:39:6f:3e:5c:e4:0e:c6:b1:4e:64:05:84:91:bd:
61:47:3f:8b:57:b2:a6:74:70:41:ce:71:f4:f0:0e:39:19:34:
f9:c9:11:69:0e:88:86:a3:37:aa:90:8f:88:e4:c4:37:4e:ae:
88:52:61:51:36:9f:cb:ad:cb:23:7a:06:8e:3e:48:81:9e:6f:
cc:14:af:0f:28:2f:21:ba:c1:42:b6:36:fe:09:53:d8:75:2a:
9a:23:75:b7:e6:be:43:80:19:09:37:45:cd:37:3a:ca:c7:e7:
5a:36:14:91:7a:04:6d:70:ba:d6:15:da:f8:8a:57:fc:50:91:
40:96:c2:a7:65:aa:14:f5:2a:35:66:8f:35:31:c2:3e:94:d0:
c6:fb:06:ae:0c:de:4f:2d:64:0f:48:0c:77:0b:db:5a:79:6e:
18:46:7c:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOd1L2TGNiu2uttP4kh0aWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDAzMTIzMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI0MzU5NzE0YjhmYzA3YzRhODgyZjczODUwMTIxNDlkN2Q1NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7aH8YsDMvBmLce7ge5AdLv+3NKv
69g828a6W1EXssBH/RuBL+iYQlsUSmD+EkgaUPeZr0PAmeGNUWuH0Ha/j1szz+fS
Ciujs5NCkRO9XaDl645uR9FpRpl12MGMWMVfjBL4JGcgf6IwX0d+ZbrrU5Jk3Suh
+QchfXe0vfkupPMTrjUfmrCxLEUcHrt0sHtRI+aXn4wX7H1X8Gerv5JeIye0sxpU
qIETPvlHjyO+lNRGPJ6kA0om+CelrezEJIFlBbsdm9gY5wy9apu9ELxTRXWocX+d
8xjfAsb1Vm6EpWpItxMuBOSrYWCJ1J0q2gXSfKXoWDasDfl2Gv3ca6zidQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC60NZcUuPwHxKiC9zhQEhSdfVX/MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTHJRMWx4UzRfQWZFcUlMM09GQVNGSjE5VmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDVf4IAwQB
Vf4qAwQBVf5AAwQBn5TgMA0GCSqGSIb3DQEBCwUAA4IBAQBwFE+SwE+Vtc0+NryH
7+cmNn3X/AGMPExjK1fbRVXoJc/5fF41DL1Ilfn0OolKsq9PRozxp+aDFia1Mp5w
ZiU8f9aU/pmVPiTyOpnW0krKIdhBeiF0ttbMBhqJMm1mOW8+XOQOxrFOZAWEkb1h
Rz+LV7KmdHBBznH08A45GTT5yRFpDoiGozeqkI+I5MQ3Tq6IUmFRNp/LrcsjegaO
PkiBnm/MFK8PKC8husFCtjb+CVPYdSqaI3W35r5DgBkJN0XNNzrKx+daNhSRegRt
cLrWFdr4ilf8UJFAlsKnZaoU9So1Zo81McI+lNDG+wauDN5PLWQPSAx3C9taeW4Y
Rnyt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org